Authentication system

US 9,721,244 B2
Filed: 03/15/2013
Issued: 08/01/2017
Est. Priority Date: 03/15/2013
Status: Active Grant

First Claim

Patent Images

1. An authentication method, comprising:

generating, on a merchant device, first encrypted data comprising an identifier for the merchant device, a first transaction identifier, and time, encrypted using a first randomly generated key;

encrypting the first randomly generated key using a public key to generate an encrypted key;

combining the encrypted key and the first encrypted data to generate an image code;

generating a video by skinning a cube with the image code on each face, and rotating the cube at a specific rate and a specific direction based upon time;

displaying the video on a display device for capture by a consumer device;

receiving, on an authentication server from the consumer'"'"'s device, the first encrypted data encrypted generated using the first random key, wherein the first encrypted data includes the encryption time, an identifier for the consumer'"'"'s device, encrypted merchant data encoded in the image, the rate of rotation and the direction of rotation, and wherein the encrypted merchant data encoded in the image includes a second random key encrypted using a second public key, and time, merchant identifier, and the first transactions identifier encrypted using the second random key;

decrypting, on an authentication server, the first random key using the first public key, the first encrypted data using the decrypted first random key, the second random key using the second public key, and the time, merchant identifier and the first transaction identifier using the decrypted second random key;

calculating, on an authentication server, a correct rate of rotation and direction of rotation using the decrypted time;

generating, on an authentication server, a push notification to the merchant system corresponding to the decrypted merchant identifier with the decrypted second random key, a second transaction identifier matching the decrypted first transaction identifier, and the identifier for the consumer'"'"'s device when the calculated correct rate of rotation and direction of rotation match the received rate of rotation and direction of rotation;

receiving the push notification from the authentication server; and

authenticating the consumer device if the first transaction identifier matches the second transaction identifier and the first randomly generated key matches the second key.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A two way authentication method, including receiving by an authentication server first encrypted data from a merchant computing device, receiving by the authentication server second encrypted data from a customer computing device, determining by the authentication server if the first encrypted data matches the second encrypted data, if the first encrypted data matches the second encrypted data, authenticating the customer computing device, if the first encrypted data does not matches the second encrypted data, not authenticating the customer computing device.

6 Citations

12 Claims

1. An authentication method, comprising:
- generating, on a merchant device, first encrypted data comprising an identifier for the merchant device, a first transaction identifier, and time, encrypted using a first randomly generated key;
  
  encrypting the first randomly generated key using a public key to generate an encrypted key;
  
  combining the encrypted key and the first encrypted data to generate an image code;
  
  generating a video by skinning a cube with the image code on each face, and rotating the cube at a specific rate and a specific direction based upon time;
  
  displaying the video on a display device for capture by a consumer device;
  
  receiving, on an authentication server from the consumer'"'"'s device, the first encrypted data encrypted generated using the first random key, wherein the first encrypted data includes the encryption time, an identifier for the consumer'"'"'s device, encrypted merchant data encoded in the image, the rate of rotation and the direction of rotation, and wherein the encrypted merchant data encoded in the image includes a second random key encrypted using a second public key, and time, merchant identifier, and the first transactions identifier encrypted using the second random key;
  
  decrypting, on an authentication server, the first random key using the first public key, the first encrypted data using the decrypted first random key, the second random key using the second public key, and the time, merchant identifier and the first transaction identifier using the decrypted second random key;
  
  calculating, on an authentication server, a correct rate of rotation and direction of rotation using the decrypted time;
  
  generating, on an authentication server, a push notification to the merchant system corresponding to the decrypted merchant identifier with the decrypted second random key, a second transaction identifier matching the decrypted first transaction identifier, and the identifier for the consumer'"'"'s device when the calculated correct rate of rotation and direction of rotation match the received rate of rotation and direction of rotation;
  
  receiving the push notification from the authentication server; and
  
  authenticating the consumer device if the first transaction identifier matches the second transaction identifier and the first randomly generated key matches the second key.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the image code is a QR code.
  - 3. The method of claim 1, wherein the public key is known to the authentication server.
  - 4. The method of claim 1, wherein the time dependent specific rate of rotation and specific direction of rotation is known to the authentication server.
  - 5. The method of claim 1, wherein the push notification includes a time stamp for the image code.
  - 6. The method of claim 1, wherein the first encrypted data includes GPS information.

7. An article of manufacture comprising a non-transitory computer readable medium having computer readable program code encoded therein to perform authentication of a customer computing device located adjacent to a merchant computing device, the computer readable program code comprising a series of computer readable program steps to effect:
- generating, on a merchant device, first encrypted data comprising an identifier for the merchant device, a first transaction identifier, and time encrypted using a first randomly generated key;
  
  encrypting the first randomly generated key using a public key to generate an encrypted key;
  
  combining the encrypted key and the first encrypted data to generate an image code;
  
  generating a video by skinning a cube with the image code on each face, and rotating the cube at a specific rate and a specific direction based upon time;
  
  displaying the video on a display device for capture by a consumer device;
  
  receiving, on an authentication server from the consumer'"'"'s device, the first encrypted data encrypted generated using the first random key, wherein the first encrypted data includes the encryption time, an identifier for the consumer'"'"'s device, encrypted merchant data encoded in the image, the rate of rotation and the direction of rotation, and wherein the encrypted merchant data encoded in the image includes a second random key encrypted using a second public key, and time, merchant identifier, and the first transactions identifier encrypted using the second random key;
  
  decrypting, on an authentication server, the first random key using the first public key, the first encrypted data using the decrypted first random key, the second random key using the second public key, and the time, merchant identifier and the first transaction identifier using the decrypted second random key;
  
  calculating, on an authentication server, a correct rate of rotation and direction of rotation using the decrypted time;
  
  generating, on an authentication server, a push notification to the merchant system corresponding to the decrypted merchant identifier with the decrypted second random key, a second transaction identifier matching the decrypted first transaction identifier, and the identifier for the consumer'"'"'s device when the calculated correct rate of rotation and direction of rotation match the received rate of rotation and direction of rotation;
  
  receiving the push notification from the authentication server; and
  
  authenticating the consumer device if the first transaction identifier matches the second transaction identifier and the first randomly generated key matches the second key.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The article of manufacture of claim 7, wherein the image code is a QR code.
  - 9. The article of manufacture of claim 7, wherein the public key is known to the authentication server.
  - 10. The article of manufacture of claim 7, wherein the time dependent specific rate of rotation and specific direction of rotation is known to the authentication server.
  - 11. The article of manufacture of claim 7, wherein the push notification includes a time stamp for the image code.
  - 12. The article of manufacture of claim 7, wherein the first encrypted data includes GPS information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Maher Pedersoli
Original Assignee
Maher Pedersoli
Inventors
Pedersoli, Maher
Primary Examiner(s)
Seoh, Minnah
Assistant Examiner(s)
DURANT, JONATHAN W

Application Number

US13/839,301
Publication Number

US 20140279560A1
Time in Patent Office

1,600 Days
Field of Search

705 44, 705 39, 705 21, 705 71, 705 261, 705 41, 705 16, 705 43, 705 67
US Class Current
CPC Class Codes

G06Q 20/3224   Transactions dependent on l...

G06Q 20/3276   using a pictured code, e.g....

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3823   combining multiple encrypti...

Authentication system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

6 Citations

12 Claims

Specification

Use Cases

Quick Links

Others

Authentication system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

6 Citations

12 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others